package io.cloud.tec.jdk;

import java.io.FilePermission;
import java.security.*;
import java.util.Objects;

public class SandboxExample {
    public static void main(String[] args) {
        Policy.setPolicy(new SandboxPolicy());
        SecurityManager securityManager = System.getSecurityManager();
        if (Objects.isNull(securityManager)) {
            System.setSecurityManager(new SecurityManager());
        }
        Runnable task = new SandboxTask();
        AccessController.doPrivileged(
                (PrivilegedAction<Void>) () -> {
                    task.run();
                    return null;
                });
    }
}

class SandboxPolicy extends Policy {
    public PermissionCollection getPermissions(CodeSource codesource) {
        Permissions p = new Permissions();
        p.add(new FilePermission("/tmp/", "read"));
        return p;
    }
}

class SandboxTask implements Runnable {
    public void run() {
        System.out.println("This is a safe task running in a sandbox environment.");
    }
}
